Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D4ZTTiVgcjcX5m7hnG6nhd9BpB0.roa
File: D4ZTTiVgcjcX5m7hnG6nhd9BpB0.roa (raw, json)
Hash identifier: I0Tu89L1dlY7Z8Kt9ltqco5qLRoqYCwlesumTh3YN/M=
Subject key identifier: 0F:86:53:4E:25:60:72:37:17:E6:6E:E1:9C:6E:A7:85:DF:41:A4:1D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185DA3EF538B99D2CB044F90C52BEBAC2D7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D4ZTTiVgcjcX5m7hnG6nhd9BpB0.roa
Signing time: Sun 22 Jan 2023 16:10:37 +0000
ROA not before: Sun 22 Jan 2023 16:10:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.107.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jan 2023 07:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:da:3e:f5:38:b9:9d:2c:b0:44:f9:0c:52:be:ba:c2:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 22 16:10:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f86534e2560723717e66ee19c6ea785df41a41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9a:4a:4b:38:46:a7:44:bc:df:dc:02:46:a8:
dc:c6:64:32:8e:f1:f5:b9:4b:f9:da:34:36:26:db:
22:ad:46:1e:da:9e:f3:76:71:cf:6e:d5:94:90:62:
f2:3a:06:a1:3b:5c:96:2e:67:cd:64:61:96:d2:56:
16:e0:7e:a9:6a:a9:2c:13:8f:1a:09:2d:b9:b7:62:
17:4f:13:bb:b4:e6:d1:57:38:30:97:1c:52:0f:6f:
22:4f:8a:f1:8d:eb:24:20:48:69:fc:20:71:e9:42:
75:e2:eb:78:5b:cd:cb:13:96:64:b6:cf:a1:2b:5d:
e2:ba:ed:ee:87:1a:70:13:8b:4e:17:68:af:02:fe:
45:b6:e5:49:0a:c8:0f:22:de:22:e1:c7:56:0a:0d:
a3:03:4c:33:42:22:4c:d8:b1:d3:40:6f:59:ce:0f:
92:5a:51:67:b8:29:bf:7e:5f:7e:f7:93:33:d1:de:
9d:ea:60:75:28:ea:70:71:8f:71:aa:b9:d6:6a:23:
10:e5:39:55:cc:00:cf:b2:f5:ea:f7:37:b6:fc:a1:
16:74:4c:ca:5f:5c:de:bf:49:00:bb:0e:6c:7d:14:
2e:8f:1d:81:9f:f6:e0:30:43:9b:78:20:77:ef:ef:
d3:77:05:4a:4c:13:55:c2:6a:24:a2:a9:a6:fe:9e:
10:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:86:53:4E:25:60:72:37:17:E6:6E:E1:9C:6E:A7:85:DF:41:A4:1D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D4ZTTiVgcjcX5m7hnG6nhd9BpB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.63.0/24
84.32.95.0/24
84.32.104.0/23
84.32.107.0/24
84.32.214.0/23
88.216.2.0/24
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ca:64:03:05:47:42:58:32:c4:a2:6e:00:d4:70:98:f9:26:
a3:ce:27:00:76:78:da:37:7c:b6:41:8f:94:fe:e7:e5:ed:2a:
6a:34:be:4c:ab:46:f4:c6:e1:48:7c:c3:03:df:01:51:1f:5b:
e9:9a:0c:fc:f2:62:39:e3:5e:f4:a5:40:70:08:8e:96:41:ea:
66:f0:fb:1f:e8:dc:8b:d1:d0:66:ef:3d:e7:16:43:b9:37:6f:
37:1e:ba:9a:65:14:49:f0:81:99:71:e7:ea:dd:36:19:80:e7:
06:99:ef:f4:0e:8d:ed:ff:20:e2:57:6b:e0:a5:05:9e:7c:0c:
f4:a3:67:d3:36:cf:09:6a:76:8b:5a:5c:a5:b0:cf:06:af:a7:
e3:95:7c:96:45:8c:5c:13:9b:ee:50:4d:06:b1:e6:b1:8a:70:
7d:90:d1:90:f6:cb:d2:3b:67:b5:4b:6c:5d:f7:bc:9b:b8:07:
9c:4e:02:12:2f:b4:b6:5e:ec:a8:25:f2:73:4d:61:1b:f5:ff:
5b:2f:3c:e6:75:1e:f2:78:72:c6:64:4c:8b:07:de:8d:81:60:
93:24:f5:02:65:30:33:a2:13:60:0b:02:dc:60:16:97:bd:89:
55:ed:13:86:9b:1e:34:ec:cf:e6:30:3c:0b:da:92:2a:99:ad:
e8:f1:ef:f1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYXaPvU4uZ0ssET5DFK+usLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTIyMTYxMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg2NTM0ZTI1NjA3MjM3MTdlNjZlZTE5YzZlYTc4NWRmNDFhNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5pKSzhGp0S839wCRqjcxmQyjvH1
uUv52jQ2JtsirUYe2p7zdnHPbtWUkGLyOgahO1yWLmfNZGGW0lYW4H6paqksE48a
CS25t2IXTxO7tObRVzgwlxxSD28iT4rxjeskIEhp/CBx6UJ14ut4W83LE5Zkts+h
K13iuu3uhxpwE4tOF2ivAv5FtuVJCsgPIt4i4cdWCg2jA0wzQiJM2LHTQG9Zzg+S
WlFnuCm/fl9+95Mz0d6d6mB1KOpwcY9xqrnWaiMQ5TlVzADPsvXq9ze2/KEWdEzK
X1zev0kAuw5sfRQujx2Bn/bgMEObeCB37+/TdwVKTBNVwmokoqmm/p4Q2QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFA+GU04lYHI3F+Zu4Zxup4XfQaQdMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRDRaVFRpVmdjamNYNW03aG5HNm5oZDlCcEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCA/AwQA
VCBfAwQBVCBoAwQAVCBrAwQBVCDWAwQAWNgCAwQAWNgiAwQAWNjFMA0GCSqGSIb3
DQEBCwUAA4IBAQB0ymQDBUdCWDLEom4A1HCY+SajzicAdnjaN3y2QY+U/ufl7Spq
NL5Mq0b0xuFIfMMD3wFRH1vpmgz88mI54170pUBwCI6WQepm8Psf6NyL0dBm7z3n
FkO5N283HrqaZRRJ8IGZcefq3TYZgOcGme/0Do3t/yDiV2vgpQWefAz0o2fTNs8J
anaLWlylsM8Gr6fjlXyWRYxcE5vuUE0GseaxinB9kNGQ9svSO2e1S2xd97ybuAec
TgISL7S2XuyoJfJzTWEb9f9bLzzmdR7yeHLGZEyLB96NgWCTJPUCZTAzohNgCwLc
YBaXvYlV7ROGmx407M/mMDwL2pIqma3o8e/x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org